Just weeks after a state audit found that Northgate Medical P.C. had substantially overbilled MassHealth, the Springfield-based medical group is now dealing with a data breach involving the theft of patient information – including their names, addresses, phone numbers and dates of birth.A former Northgate employee obtained the patient information before leaving the medical group, according to Northgate officials, who notified patients and urged them to take steps to protect their credit.The former employee took the information for “marketing purposes,” Northgate said in a March 22 statement, “and not for reasons related to identity theft or fraud.” Northgate reported the theft of patient information to Springfield police and urged patients to notify credit bureaus and monitor credit reports.”Northgate sincerely apologizes and regrets that this situation occurred,” the statement said, noting that the patient notifications were done to comply with the HIPPA Breach Notification Rule. All HIPAA-covered entities must provide notification after a “breach of unsecured protected health information,” according to the federal health law.Northgate is confident the former employee intended to use the patient information for marketing purposes only, said attorney Kimberly A. Klimczuk, a partner at Skoler, Abbott and Presser, a Springfield law firm that represents management in labor and employment cases.Dr. Jose Azocar, a partner at Northgate, said the overbilling and data breach incidents were unrelated. The breach follows state scrutiny of Northgate for improperly billing MassHealth by more than $191,000 over a three-year period.